<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
App::import('Component','Auth');
App::import('Core', array('Router', 'Security'), false);
class CustomAuthComponent extends AuthComponent{
	/*
	 * override hashPasswords -> not hash
	 */
	function hashPasswords($data) {
		return $data;
	}
	
	/**
	 * Hash a password with the application's salt value (as defined with Configure::write('Security.salt');
	 *
	 * @param string $password Password to hash
	 * @return string Hashed password
	 * @access public
	 * @link http://book.cakephp.org/view/1263/password
	 */
	function password($password) {
		//return Security::hash($password, null, true);
		$model =& $this->getModel();
		return $model->hashPassword($password);
	}
	
	
	/**
	 * Identifies a user based on specific criteria.
	 *
	 * @param mixed $user Optional. The identity of the user to be validated.
	 *              Uses the current user session if none specified.
	 * @param array $conditions Optional. Additional conditions to a find.
	 * @return array User record data, or null, if the user could not be identified.
	 * @access public
	 */
	function identify($user = null, $conditions = null) {
		if ($conditions === false) {
			$conditions = array();
		} elseif (is_array($conditions)) {
			$conditions = array_merge((array)$this->userScope, $conditions);
		} else {
			$conditions = $this->userScope;
		}
		$model =& $this->getModel();
		if (empty($user)) {
			$user = $this->user();
			if (empty($user)) {
				return null;
			}
		} elseif (is_object($user) && is_a($user, 'Model')) {
			if (!$user->exists()) {
				return null;
			}
			$user = $user->read();
			$user = $user[$model->alias];
		} elseif (is_array($user) && isset($user[$model->alias])) {
			$user = $user[$model->alias];
		}
		if (is_array($user) && (isset($user[$this->fields['username']]) || isset($user[$model->alias . '.' . $this->fields['username']]))) 
		{
			if (isset($user[$this->fields['username']]) && !empty($user[$this->fields['username']])  && !empty($user[$this->fields['password']])) {
				if (trim($user[$this->fields['username']]) == '=' || trim($user[$this->fields['password']]) == '=') {
					return false;
				}
				$find = array(
					$model->alias.'.'.$this->fields['username'] => $user[$this->fields['username']],
				);
			} elseif (isset($user[$model->alias . '.' . $this->fields['username']]) && !empty($user[$model->alias . '.' . $this->fields['username']])) {
				if (trim($user[$model->alias . '.' . $this->fields['username']]) == '=' || trim($user[$model->alias . '.' . $this->fields['password']]) == '=') {
					return false;
				}
				$find = array(
					$model->alias.'.'.$this->fields['username'] => $user[$model->alias . '.' . $this->fields['username']],
				);
			} else {
				return false;
			}
			$data = $model->find('first', array(
				'conditions' => array_merge($find, $conditions),
				'recursive' => 0
			));
			// so sanh password
			$inputPassword = '';
			if (isset($user[$this->fields['password']])){
				$inputPassword = $user[$this->fields['password']];
			} elseif(isset($user[$model->alias. '.'. $this->fields['password']])){
				$inputPassword = $user[$model->alias. '.'. $this->fields['password']];
			}
			if(!$model->validatePassword($inputPassword, $data[$model->alias][$this->fields['password']])){
				return null;
			}
			if (empty($data) || empty($data[$model->alias])) {
				return null;
			}
			if($model->alias === 'Member'){
				$data['Member']['role'] = 'admin';
			}
		} elseif (is_array($user) && isset($user['facebook_user_id'])){// add for facebook login
			$find = array(
				$model->alias.'.facebook_user_id' => $user['facebook_user_id']
			);
			$data = $model->find('first', array(
				'conditions' => array_merge($find, $conditions),
				'recursive' => 0
			));
			if (empty($data) || empty($data[$model->alias])) {
				return null;
			}
		} elseif (!empty($user) && is_string($user)) {
			$data = $model->find('first', array(
				'conditions' => array_merge(array($model->escapeField() => $user), $conditions),
			));
			if (empty($data) || empty($data[$model->alias])) {
				return null;
			}
		}
		if (!empty($data)) 
		{
			if (!empty($data[$model->alias][$this->fields['password']])) {
				unset($data[$model->alias][$this->fields['password']]);
			}
			if(!empty($data[$model->alias]['modified'])){
				unset($data[$model->alias]['modified']);
			}
			if(!empty($data[$model->alias]['facebook_access_token'])){
				unset($data[$model->alias]['facebook_access_token']);
			}
			if(!empty($data[$model->alias]['facebook_user_id'])){
				unset($data[$model->alias]['facebook_user_id']);
			}
			return $data[$model->alias];
		}
		return null;
	}
	
	/**
	 * override user function , add profile information
	 * @return null
	 */
	function user($key = null) {
		$user = parent::user($key);
		if($key != null){
			return $user;
		}
		if($user && ($this->user('role') == 'user' || $this->user('role') =='specical' )){
			$profile = array(
				'Profile' => array(
					'icon_image' => $this->Session->read('User.icon_image'),
					'name' => $this->Session->read('User.name'),
					'headline' => $this->Session->read('User.headline')
				)
			);
			return array_merge($user, $profile);
		}else{
			return $user;
		}
		return null;
	}
	
	/**
	 * update value for sessionKy.$key
	 * @param string $key : name of column
	 * @param type $value
	 */
	function updateSessionData($key, $value) {
		$this->Session->write($this->sessionKey . '.' . $key, $value);
	}
}
?>
